Oracle Tuxedo 12.1.1.0.0

CPE Details

Oracle Tuxedo 12.1.1.0.0
oracle
tuxedo
12.1.1.0.0
2019-06-11
16h10 +00:00
2019-06-11
16h10 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

tuxedo

Version

12.1.1.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-0227 2019-05-01 18h03 +00:00 A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.
7.5
High
CVE-2018-5407 2018-11-15 20h00 +00:00 Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
4.7
Medium
CVE-2018-0734 2018-10-30 12h00 +00:00 The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
5.9
Medium
CVE-2018-0735 2018-10-29 13h00 +00:00 The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
5.9
Medium
CVE-2018-8032 2018-08-02 13h00 +00:00 Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
6.1
Medium